Ask the Experts

Ask the Experts

• How container security tools affect overall system security

  Container security continues to be a pressing issue as containers and hosts are being used more frequently. Learn how to keep your enterprise safe with Matt Pascucci.  Continue Reading

• How does a Bluetooth vulnerability enable validation attacks?

  Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting firmware and operating system software drivers. Learn how it works and can be mitigated.  Continue Reading

• How does Thanatos ransomware decryptor tool restore data?

  Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been paid.  Continue Reading

• How is the Trezor cryptocurrency online wallet under attack?

  A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it with expert Nick Lewis.  Continue Reading

• How does signed software help mitigate malware?

  Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this attack.  Continue Reading

• How does the Mylobot botnet differ from a typical botnet?

  The new Mylobot botnet demonstrated new, complex tools and techniques that are modifying botnet attacks. Learn how this botnet differs from a typical botnet with Nick Lewis.  Continue Reading

• How does new MacOS malware target users through chat?

  New malware targets cryptocurrency investors through MacOS and chat platforms were recently discovered. Learn how OSX.Dummy malware works and what users can do to spot the attack.  Continue Reading

• How is Plead malware used for cyberespionage attacks?

  Cyberespionage hackers have used stolen digital certificates to steal data. Expert Michael Cobb explains how hackers sign Plead malware to conduct these attacks.  Continue Reading

• What is behind the growing trend of BEC attacks?

  BEC attacks cost over $676 million in 2017, according to the FBI's Internet Crime Report. Learn how to recognize possible BEC attacks from expert Michael Cobb.  Continue Reading

• How does site isolation defend against Spectre vulnerabilities?

  Spectre exploits how processors manage performance-enhancing features. Expert Michael Cobb explains Google Chrome's initiative to use site isolation as a defense mechanism.  Continue Reading

• How does the public Venmo API pose a threat for users?

  The public Venmo API setting puts users at risk by providing detailed insight into their transactions and personal lives. Expert Michael Cobb discusses the risks of public APIs.  Continue Reading

• How can U2F authentication end phishing attacks?

  By requiring employees to use U2F authentication and physical security keys, Google eliminated phishing attacks. Learn how the combination works from expert Michael Cobb.  Continue Reading

• How was Kea DHCP v1.4.0 affected by a security advisory?

  Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson.  Continue Reading

• Does pcAnywhere put election management systems at risk?

  ES&S admitted it installed the insecure remote access program pcAnywhere on election management systems. Learn what pcAnywhere is and what this risk means for election systems.  Continue Reading

• Siemens Siclock: How do threat actors exploit these devices?

  Siemens disclosed six Siclock flaws that were found within its central plant clocks. Discover why three flaws have been rated critical and how threat actors can exploit devices.  Continue Reading